Use of credit cards, debit cards, access cards, and similar payment instruments has become the universally preferred means for consumer purchases of goods and services. For example, in order for a consumer to make a purchase, the consumer would have to have a payment instrument such as a credit card or a debit card. The payment instrument may include a magnetic strip or may be “contactless” in nature. In either case, personal financial information of the person to whom or entity to which the payment instrument is issued is embedded in the payment instrument so that a point-of-sale device is capable of reading to authorize a financial transaction.
At the point-of-sale device, the consumer or user of the payment instrument generally swipes the payment instrument through the point-of-sale device for the transaction to take place. Over time and repetition of use, the magnetic strip on the payment instrument degrades and the personal financial information becomes unreadable by the point-of-sale device. Degradation of the magnetic strip may cause payment rejection although the consumer may be the authentic owner of the payment instrument. Also, the payment instrument may get lost or stolen causing the owner of the payment instrument the potential hassles of unintended charges and liabilities, having to cancel the payment instrument, having to obtain a new payment instrument, and waiting for the new payment instrument to arrive.
A “contactless” payment instrument such as a mobile wireless instrument (e.g., a Smart Phone or an iPhone®) generally includes a memory chip and an antenna. Information stored on the memory chip, referred to in this disclosure as “financial data,” may be encoded in such a manner that the mobile wireless instrument may decode the financial data for use by the mobile wireless instrument. The process of decoding the financial data may be performed using a decoder or a processor executing a decoding algorithm or decryption algorithm with a decryption key.
The mobile wireless instrument may use the financial data to conduct a financial transaction across a credit network. The financial transaction, such as the payment for goods or services, may be transacted across a near field communication (NFC) enabled point-of-sale device. NFC technologies communicate over magnetic field induction, where at least two loop antennas are located within each other's “near field,” effectively forming an air-core transformer that operates within a globally available and unlicensed radio frequency which, as indicated, is an industrial, scientific and medical (ISM) band of about 13.56 MHz, with a bandwidth of almost 2 MHz.
When the consumer desires to conduct a financial transaction, the consumer is not required to have a payment instrument in the consumer's possession. Rather, the consumer can place his or her mobile wireless instrument in operational proximity to the point-of-sale device to initiate a financial transaction. Thereafter, the mobile wireless instrument sends an instruction to the point-of-sale device to authorize the financial transaction. The consumer may also be required to enter a personal identification number (PIN) to complete the financial transaction.
The financial data in the memory chip of the mobile wireless instrument is encrypted to protect unauthorized access or use. A decryption key is needed to decrypt the encrypted financial data. Credit card companies such as EMV (Europay, MasterCard and VISA) distribute one or more decryption keys to selected and authorized businesses for their point-of-sale devices.
Standard ISO 7813 defines the standards for financial data for payment instruments. Such financial data may include the name of the primary account holder, the primary account number, the country code, the expiration date of the payment instrument, and the PIN, among other data and information pertaining to a user of the payment instrument.
One drawback of storing the financial data on a mobile wireless instrument is the lack of being able to remove or transfer the financial data to another mobile wireless instrument. That is, once the financial data is stored on the memory chip of the mobile wireless instrument, the financial data cannot be removed or transferred to another mobile wireless instrument. This is problematic because with the continuous introduction of new mobile wireless instruments, users are looking to change their mobile wireless instruments quite frequently. The lack of being able to remove or transfer the financial data prevents the user from allowing or requesting the financial data to be stored on the mobile wireless instrument because of the fear of not being able to remove or transfer the data upon upgrade or change in the mobile wireless instrument.
Accordingly, a need exists in the industry for new and useful methods and apparatus for peer-to-peer transfer of secure data using near field communications.